Merged
Original file line number Diff line number Diff line change
@@ -29,6 +29,8 @@
*/
@Immutable
class KeyVaultTokenCredential implements TokenCredential {
private static final String NULL_VALUE = "R_NullValue";
Contributor


If you do this, why not define the constant as the error string itself?
i.e. private static final String NULL_VALUE = SQLServerException.getErrString("R_NullValue");


private final String clientId;
private final String clientSecret;
private final SQLServerKeyVaultAuthenticationCallback authenticationCallback;
@@ -48,13 +50,13 @@ class KeyVaultTokenCredential implements TokenCredential {
*/
KeyVaultTokenCredential(String clientId, String clientSecret) throws SQLServerException {
if (null == clientId || clientId.isEmpty()) {
MessageFormat form = new MessageFormat(SQLServerException.getErrString("R_NullValue"));
MessageFormat form = new MessageFormat(SQLServerException.getErrString(NULL_VALUE));
Object[] msgArgs1 = {"Client ID"};
throw new SQLServerException(form.format(msgArgs1), null);
}

if (null == clientSecret || clientSecret.isEmpty()) {
MessageFormat form = new MessageFormat(SQLServerException.getErrString("R_NullValue"));
MessageFormat form = new MessageFormat(SQLServerException.getErrString(NULL_VALUE));
Object[] msgArgs1 = {"Client Secret"};
throw new SQLServerException(form.format(msgArgs1), null);
}
@@ -116,19 +118,19 @@ KeyVaultTokenCredential setAuthorization(String authorization) {
*/
private ConfidentialClientApplication getConfidentialClientApplication() {
if (null == clientId) {
MessageFormat form = new MessageFormat(SQLServerException.getErrString("R_NullValue"));
MessageFormat form = new MessageFormat(SQLServerException.getErrString(NULL_VALUE));
Object[] msgArgs1 = {"Client ID"};
throw new IllegalArgumentException(form.format(msgArgs1), null);
}

if (null == authorization) {
MessageFormat form = new MessageFormat(SQLServerException.getErrString("R_NullValue"));
MessageFormat form = new MessageFormat(SQLServerException.getErrString(NULL_VALUE));
Object[] msgArgs1 = {"Authorization"};
throw new IllegalArgumentException(form.format(msgArgs1), null);
}

if (null == clientSecret) {
MessageFormat form = new MessageFormat(SQLServerException.getErrString("R_NullValue"));
MessageFormat form = new MessageFormat(SQLServerException.getErrString(NULL_VALUE));
Object[] msgArgs1 = {"Client Secret"};
throw new IllegalArgumentException(form.format(msgArgs1), null);
}
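Review bot: `NULL_VALUE` at the top of `KeyVaultTokenCredential` holds a resource-bundle key rather than a null value, and nothing at the declaration says so; the same constant is declared a second time in `SQLServerColumnEncryptionAzureKeyVaultProvider`. A one-line comment on the declaration, for example `// Resource key of the localized message, resolved via SQLServerException.getErrString()`, would stop a reader from taking it for a sentinel. A single package-private definition shared by both classes would also keep the two copies from drifting apart. The messages built from this key name only the missing field ("Client ID", "Client Secret") and never its value, which is worth preserving since `clientSecret` is a credential. The constructor and `getConfidentialClientApplication` bodies continue outside the hunks shown.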
Original file line number Diff line number Diff line change
@@ -58,6 +58,8 @@ public class SQLServerColumnEncryptionAzureKeyVaultProvider extends SQLServerCol
private static final int KEY_NAME_INDEX = 4;
private static final int KEY_URL_SPLIT_LENGTH_WITH_VERSION = 6;
private static final String KEY_URL_DELIMITER = "/";
private static final String NULL_VALUE = "R_NullValue";

private HttpPipeline keyVaultPipeline;
private KeyVaultTokenCredential keyVaultTokenCredential;

@@ -102,12 +104,12 @@ public String getName() {
*/
public SQLServerColumnEncryptionAzureKeyVaultProvider(String clientId, String clientKey) throws SQLServerException {
if (null == clientId || clientId.isEmpty()) {
MessageFormat form = new MessageFormat(SQLServerException.getErrString("R_NullValue"));
MessageFormat form = new MessageFormat(SQLServerException.getErrString(NULL_VALUE));
Object[] msgArgs1 = {"Client ID"};
throw new SQLServerException(form.format(msgArgs1), null);
}
if (null == clientKey || clientKey.isEmpty()) {
MessageFormat form = new MessageFormat(SQLServerException.getErrString("R_NullValue"));
MessageFormat form = new MessageFormat(SQLServerException.getErrString(NULL_VALUE));
Object[] msgArgs1 = {"Client Key"};
throw new SQLServerException(form.format(msgArgs1), null);
}
@@ -141,7 +143,7 @@ public SQLServerColumnEncryptionAzureKeyVaultProvider(String clientId, String cl
*/
SQLServerColumnEncryptionAzureKeyVaultProvider(String clientId) throws SQLServerException {
if (null == clientId || clientId.isEmpty()) {
MessageFormat form = new MessageFormat(SQLServerException.getErrString("R_NullValue"));
MessageFormat form = new MessageFormat(SQLServerException.getErrString(NULL_VALUE));
Object[] msgArgs1 = {"Client ID"};
throw new SQLServerException(form.format(msgArgs1), null);
}
@@ -160,7 +162,7 @@ public SQLServerColumnEncryptionAzureKeyVaultProvider(String clientId, String cl
*/
public SQLServerColumnEncryptionAzureKeyVaultProvider(TokenCredential tokenCredential) throws SQLServerException {
if (null == tokenCredential) {
MessageFormat form = new MessageFormat(SQLServerException.getErrString("R_NullValue"));
MessageFormat form = new MessageFormat(SQLServerException.getErrString(NULL_VALUE));
Object[] msgArgs1 = {"Token Credential"};
throw new SQLServerException(form.format(msgArgs1), null);
}
@@ -183,7 +185,7 @@ public SQLServerColumnEncryptionAzureKeyVaultProvider(TokenCredential tokenCrede
public SQLServerColumnEncryptionAzureKeyVaultProvider(
SQLServerKeyVaultAuthenticationCallback authenticationCallback) throws SQLServerException {
if (null == authenticationCallback) {
MessageFormat form = new MessageFormat(SQLServerException.getErrString("R_NullValue"));
MessageFormat form = new MessageFormat(SQLServerException.getErrString(NULL_VALUE));
Object[] msgArgs1 = {"SQLServerKeyVaultAuthenticationCallback"};
throw new SQLServerException(form.format(msgArgs1), null);
}
@@ -202,7 +204,7 @@ public SQLServerColumnEncryptionAzureKeyVaultProvider(
*/
private void setCredential(TokenCredential credential) throws SQLServerException {
if (null == credential) {
MessageFormat form = new MessageFormat(SQLServerException.getErrString("R_NullValue"));
MessageFormat form = new MessageFormat(SQLServerException.getErrString(NULL_VALUE));
Object[] msgArgs1 = {"Credential"};
throw new SQLServerException(form.format(msgArgs1), null);
}
Original file line number Diff line number Diff line change
@@ -2366,8 +2366,9 @@ private void login(String primary, String primaryInstanceName, int primaryPortNu
+ " Timeout Unit Interval: " + timeoutUnitInterval);
}

boolean isInteractive = (null == authenticationString) ? false : authenticationString
.equalsIgnoreCase(SqlAuthentication.ActiveDirectoryInteractive.toString());
// Returns false if authenticationString is null
boolean isInteractive = SqlAuthentication.ActiveDirectoryInteractive.toString()
.equalsIgnoreCase(authenticationString);

// Initialize loop variables
int attemptNumber = 0;
Original file line number Diff line number Diff line change
@@ -40,8 +40,9 @@
class SQLServerMSAL4JUtils {

static final String REDIRECTURI = "http://localhost";
private static final String SLASH_DEFAULT = "/.default";

static final private java.util.logging.Logger logger = java.util.logging.Logger
private static final java.util.logging.Logger logger = java.util.logging.Logger
.getLogger("com.microsoft.sqlserver.jdbc.SQLServerMSAL4JUtils");

static SqlFedAuthToken getSqlFedAuthToken(SqlFedAuthInfo fedAuthInfo, String user, String password,
@@ -53,7 +54,7 @@ static SqlFedAuthToken getSqlFedAuthToken(SqlFedAuthInfo fedAuthInfo, String use
.builder(ActiveDirectoryAuthentication.JDBC_FEDAUTH_CLIENT_ID).executorService(executorService)
.authority(fedAuthInfo.stsurl).build();
final CompletableFuture<IAuthenticationResult> future = pca.acquireToken(UserNamePasswordParameters
.builder(Collections.singleton(fedAuthInfo.spn + "/.default"), user, password.toCharArray())
.builder(Collections.singleton(fedAuthInfo.spn + SLASH_DEFAULT), user, password.toCharArray())
.build());

final IAuthenticationResult authenticationResult = future.get();
@@ -71,10 +72,10 @@ static SqlFedAuthToken getSqlFedAuthTokenPrincipal(SqlFedAuthInfo fedAuthInfo, S
String aadPrincipalSecret, String authenticationString) throws SQLServerException {
ExecutorService executorService = Executors.newSingleThreadExecutor();
try {
String defaultScopeSuffix = "/.default";
String defaultScopeSuffix = SLASH_DEFAULT;
String scope = fedAuthInfo.spn.endsWith(defaultScopeSuffix) ? fedAuthInfo.spn
: fedAuthInfo.spn + defaultScopeSuffix;
Set<String> scopes = new HashSet<String>();
Set<String> scopes = new HashSet<>();
scopes.add(scope);
IClientCredential credential = ClientCredentialFactory.createFromSecret(aadPrincipalSecret);
ConfidentialClientApplication clientApplication = ConfidentialClientApplication
@@ -114,7 +115,7 @@ static SqlFedAuthToken getSqlFedAuthTokenIntegrated(SqlFedAuthInfo fedAuthInfo,
.authority(fedAuthInfo.stsurl).build();
final CompletableFuture<IAuthenticationResult> future = pca
.acquireToken(IntegratedWindowsAuthenticationParameters
.builder(Collections.singleton(fedAuthInfo.spn + "/.default"), user).build());
.builder(Collections.singleton(fedAuthInfo.spn + SLASH_DEFAULT), user).build());

final IAuthenticationResult authenticationResult = future.get();
return new SqlFedAuthToken(authenticationResult.accessToken(), authenticationResult.expiresOnDate());
@@ -135,7 +136,7 @@ static SqlFedAuthToken getSqlFedAuthTokenInteractive(SqlFedAuthInfo fedAuthInfo,
PublicClientApplication pca = PublicClientApplication
.builder(ActiveDirectoryAuthentication.JDBC_FEDAUTH_CLIENT_ID).executorService(executorService)
.setTokenCacheAccessAspect(PersistentTokenCacheAccessAspect.getInstance())
.authority(fedAuthInfo.stsurl).logPii((logger.isLoggable(Level.FINE)) ? true : false).build();
.authority(fedAuthInfo.stsurl).logPii((logger.isLoggable(Level.FINE))).build();

CompletableFuture<IAuthenticationResult> future = null;
IAuthenticationResult authenticationResult = null;
@@ -150,7 +151,7 @@ static SqlFedAuthToken getSqlFedAuthTokenInteractive(SqlFedAuthInfo fedAuthInfo,
logger.fine(logger.toString() + "Silent authentication for user:" + user);
}
SilentParameters silentParameters = SilentParameters
.builder(Collections.singleton(fedAuthInfo.spn + "/.default"), account).build();
.builder(Collections.singleton(fedAuthInfo.spn + SLASH_DEFAULT), account).build();

future = pca.acquireTokenSilently(silentParameters);
}
@@ -169,7 +170,7 @@ static SqlFedAuthToken getSqlFedAuthTokenInteractive(SqlFedAuthInfo fedAuthInfo,
InteractiveRequestParameters parameters = InteractiveRequestParameters.builder(new URI(REDIRECTURI))
.systemBrowserOptions(SystemBrowserOptions.builder()
.htmlMessageSuccess(SQLServerResource.getResource("R_MSALAuthComplete")).build())
.loginHint(user).scopes(Collections.singleton(fedAuthInfo.spn + "/.default")).build();
.loginHint(user).scopes(Collections.singleton(fedAuthInfo.spn + SLASH_DEFAULT)).build();

future = pca.acquireToken(parameters);
authenticationResult = future.get();
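Review bot: The rewritten `.logPii((logger.isLoggable(Level.FINE)))` call in `getSqlFedAuthTokenInteractive` still ties MSAL's PII logging to the driver's FINE level, and nothing at the call site says so. Anyone who enables FINE on this logger to debug a login also gets personal data in the MSAL log output. I would drop the doubled parentheses and document the coupling, e.g. `// FINE on this logger also turns on PII in MSAL log output` above `.logPii(logger.isLoggable(Level.FINE))`. Separately, the five `fedAuthInfo.spn + SLASH_DEFAULT` call sites append unconditionally, while `getSqlFedAuthTokenPrincipal` checks `endsWith` first; if an spn can already end in `/.default` (not visible here), those paths would request a doubled suffix, so a small shared helper built on the new constant would be worth adding. The method bodies continue outside the hunks shown.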